Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have a Spring application that uses JAX-WS to consume another web service. Everything works fine but now this web service has been switched to require digest passwords. How could I accomplish this with JAX-WS?
I see from Sprig documentation that this should be possible but I cannot find any code samples with JAX-WS: http://static.springsource.org/spring-ws/site/reference/html/security.html#d4e2684
Has anyone done this earlier? Any code samples would be much appreciated.
After digging around and reading documentation it seems that digest authentication is not possible currently with JAX-WS. The surprising part is that it shouldn’t be too difficult to implement using existing tools. I didn’t go this way but I’ll write it down anyway in case if someone else would be interested to take the challange.
JAX-WS supports adding handlers that modify the message or its headers before it’s sent over the wire. Obtaining nonce and calculating password digests could be done in that phase as well. There is a blog post that adds handlers to encrypt and decrypt the messages that could be used as a base for this.
Axis2 that has digest authentication support uses Apache WSS4J for security. So WSS4J project must have all the methods to calculate values, the only required part would be to call the right methods in the JAX-WS callback handler (and get the nonce).